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SYSTEM AND METHOD FOR PERFORMING AN ON-LINE 
TRANSACTION USING A SINGLE-USE PAYMENT 
INSTRUMENT 
Cross Reference to Related Application 

5 This application claims the benefit of applicant's co-pending application 

having U.S. Serial No. 60/149,874 filed August 19, 1999, incorporated herein by this 
reference. 

Field of the Invention 

10 The present invention relates generally to the field of electronic commerce 

and more particularly to a system and method for performing an on-line transaction, 
such as making a payment, with a single-use payment instrument. 

Background of the Invention 

1 5 Currently, there is an element of customer uncertainty in making payments to 

merchants on the Internet. It is not always clear to an end user whether the 
customer's connection is secure. Further, the customer relies very much on visual 
means conveyed by the web browser that the customer is using and on pages of 
information that confirm certificate numbers that are used for encryption. Neither is 

20 it always clear to the customer whether that information is indeed accurate or correct 
or actually coming from the browser or from somebody who is trying to trick the 
customer. 

Aside from Internet communication security, there is also the concern that the 
website with which the customer is communicating is not, in fact, who it purports to 
25 be. The customer may not even be aware of the entity with which the customer is 
dealing. For example, the customer finds a site where the customer wants to buy 
something, but the customer is not sure whether it is a merchant of whom the 
customer has heard. The customer is not sure whether the merchant is actually valid 
and above-board. 
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In any event, there is a perceived risk to the customer in using credit card 
information to pay for goods and services over the Internet. The customer's credit 
card information is of some value and can cause a financial loss as well as 
considerable inconvenience to the customer if it is captured by a third party with ill 
5 intentions. 

On the merchant's side of the transaction, there is a real financial risk that if a 
credit card is used fraudulently, settlement may be withheld or revoked by the card 
issuer upon receipt of a customer dispute. As more goods, such as soflAvare, music, 
electronic books, and the like are purchased over the Internet with no physical 
10 delivery and hence no address involved, the opportunities for such fraud increase. 



Summary of the Invention 

It is a feature and advantage of the present invention to provide a system and 
method for performing an on-line transaction that enables an hitemet customer, such 
15 as an Internet customer making a purchase, to pay for goods and/or services on the 
web without having to worry about the customer's credit card information getting 
into the wrong hands. 

It is another feature and advantage of the present invention to provide a 
system and method for performing an on-line transaction that provides a user, such as 
20 an Internet purchaser, with a unique payment token to pay for goods and/or services 
on the web but which is useless to any unauthorized person. 

It is an additional feature and advantage of the present invention to provide a 
system and method for performing an on-line transaction with a single-use payment 
instrument that affords the customer all the protection available to the customer when 
25 the customer makes use of a credit card or debit card. 

It is a fijrther feature and advantage of the present invention to provide a 
system and method for performing an on-line transaction with a single-use payment 
instrument that removes any concern of the customer about security of the customer's 
connection or the integrity of the website with which the customer makes the 
30 transaction. 
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It is a further feature and advantage of the present invention to provide a 
system and method for performing an online transaction that allows merchants the 
option to identify the token as a single-use instrument based on a characteristic range 
of numbers and either offer preferential terms on such transactions or impose limits 
5 or referrals on those who do not use such an instrument. 

To achieve the stated and other features, advantages and objects, an 
embodiment of the present invention provides a customer, such as an Internet 
purchaser, a one-off, single-use payment token or instrument that will still settle and 
clear through existing credit card payment mechanisms. There is no need for special 

10 accommodation with the Internet vendor in order for the customer to take advantage 
of this instrument. Any vendor that is set up to accept credit card transactions by the 
input of a credit card number and a card expiration date can also be provided with the 
one-off payment instrument for an embodiment of the present invention, that would 
then, as far as that vendor is concerned, settle through the usual credit card channels. 

15 The card expiration date is the month/year card expiration date which a customer 
must provide in a standard credit card transaction. An embodiment of the present 
invention utilizes a card expiration date which is fabricated, because there is no real 
card involved. 

An embodiment of the present invention makes use of computer hardware 
20 and software, such as the computing device of a customer, which can be the 

customer's personal computer (PC), the customer's bank's home banking server, the 
bank's card authorization server, a vendor's website server, and the vendor's credit 
card acquirer, coupled to one another over a network, which can be a global network, 
such as the Internet. The system and method for an embodiment of the present 
25 invention enables the customer to perform an on-line transaction with a vendor using 
the single-use payment instrument, for example, by entering details of the on-line 
transaction at the customer's PC coupled to the customer's bank's home banking 
server over the network. The transaction details include, for example, a payment 
amount for the transaction, which is received by the home banking server from the 
30 computing device of the customer over the network. 



3 



Express Mail Certificate 




,L507 837 300US 



In an embodiment of the present invention, upon receiving the details for the 
on-line transaction with the vendor from the customer, the customer is prompted by 
the home banking server to enter a selection for a source of funds for the transaction 
from a plurality of nomination options, such as a credit card account, a checking 
5 account, or a savings account. The home banking server receives the customer's 
nomination of the source of funds for the transaction from the customer's computing 
device over the network. The home banking server verifies an availability of funds 
for the payment amount for the transaction in the nominated source of funds and 
reserves funds sufficient for the payment amount in the nominated source of funds. 
10 In an aspect of an embodiment of the present invention, the funds can be reserved for 
a predetermined expiry period. The predetermined expiry period, as distinguished 
from the fabricated card expiration date, is typically a short period of hours or days 
for which the payment instrument is valid, but it is not provided to the customer to 
use in the transaction. 

1 5 In addition, in an embodiment of the present invention, the home banking 

server generates details of a payment instrument for the transaction corresponding to 
the transaction details, such as the payment amount for the transaction and a unique 
identification number for the transaction. Further, the transaction details generated 
by the home banking server can include a predetermined expiry for the payment 

20 instrument. In addition, the identification number can have an embedded bank 
identification number for routing the request for authorization to an appropriate 
authorization server, and the identification number can be generated from a 
characteristic range of numbers identifiable by a web site server of the vendor as 
offering superior authentication. A record of the payment instrument details is stored 

25 by the home banking server in a database of one or both of the home banking server 
and a credit card authorization server of the bank. The home banking server also 
provides the payment instrument details to the customer at the customer's computing 
device over the network for use by the customer in the transaction with the vendor. 



30 computing device sends the payment instrument details over the network to the 



In an embodiment of the present invention, the customer at the customer's 
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vendor's website server to pay for the transaction with the vendor. The vendor's 
website server presents the payment instrument details to the vendor's credit card 
acquirer service. In turn, the vendor's credit card acquirer service presents the 
payment instrument details to the bank's credit card authorization server for 
5 authorization. Upon receiving the request for authorization of the transaction for the 
customer by the bank's credit card authorization server, if the request for 
authorization according to the payment instrument details corresponds to the stored 
record of the payment instrument details, the authorization server sends an 
authorization for the transaction for the customer via the vendor's credit card acquirer 

10 service to the vendor's website server. 

If the payment instrument details for an embodiment of the present invention 
include the predetermined expiry for the payment instrument, the transaction is 
authorized by the credit card authorization server if the request for authorization is 
received within the predetermined expiry of the payment instrument. The banking 

15 server also debits the nominated source of fiinds for the payment amount and 
removes the stored record of the payment. Thus, an embodiment of the present 
invention provides a method and system by which an Internet customer is issued a 
one-off, single use payment token or instrument, through a bank with whom he or she 
maintains a checking or credit account. The bank debits the customer's checking or 

20 credit card account for the requested value of the token or instrument which depends 
on the cost of the product or service which is the subject of a proposed transaction. 
The bank may also specify a transaction period during which the token or instrument 
is valid and not valid at any other times. 

The single-use payment token or instrument for an embodiment of the present 

25 invention is distinguished from a debit or credit card-like instrument in that the 

customer is able to choose the source of the money for each transaction from among 
various accounts of the customer. Thus, the customer is able to nominate a particular 
source of funds for a particular transaction, the nominated source is checked for 
availability of credit or funds, and the funds are earmarked to be reserved for the 

30 same period as the expiry of the token or instrument. There is no need for special 
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accommodation with Internet vendors in order for customers to take advantage of the 
instrument. Any vendor that is set up to accept credit card transactions by the input 
of a credit card number and a card expiration date can also be provided with the one- 
off payment instrument, that would then, as far as that vendor is concerned, settle 
5 through the usual credit card channels. 

Additional objects, advantages and novel features of the invention will be set 
forth in the description which follows, and in part will become more apparent to 
those skilled in the art upon examination of the following, or may be learned by 
practice of the invention. 



Brief Description of the Drawings 

Fig. 1 is a schematic diagram which illustrates an example overview of key 
components and the flow of information between the key components for an 
embodiment of the present invention; 



components and the flow of information between the key components for an alternate 
embodiment of the present invention; 

Fig. 3 is a flow chart which illustrates an example of the process of the 
customer performing an on-line transaction using the single-use payment instrument 
20 for an embodiment of the present invention. 

Detailed Description 

Referring now in detail to an embodiment of the present invention, an 
example of which is illustrated in the accompanying attachments, Fig. 1 is a 

25 schematic diagram which illustrates an example overview of key components and the 
flow of information between the key components for an embodiment of the present 
invention. Referring to Fig. 1, an embodiment of the present invention involves a 
number of computer hardware and software components, such as the computing 
device 10 of a customer 12, the customer's bank's home banking server 14, the 

30 bank's card authorization server 16, a vendor's website server 18, and the vendor's 
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Fig. 2 is a schematic diagram which illustrates an example overview of key 
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credit card acquirer 20, coupled to one another over a network, such as the Internet 
22. 

The system and method for an embodiment of the present invention enables 
the customer 12 to make a payment token good only for a single Internet transaction. 
5 In order to do that, before the customer 12 makes a purchase, the customer 12 signs 
on to the customer's preferred home banking system 14, such as Citibank's DIRECT 
ACCESS system, using the customer's personal computer (PC) 10. The customer 12 
signs on to the home banking system 14 in exactly the same way in which the 
customer 12 normally accesses the home banking system 14 over the Internet 22. 

10 In an embodiment of the present invention, the customer 12 signs on to the 

home banking system 14, and fills in a very brief couple of fields of information 
explaining the transaction and, most importantly, the amount, in response to prompts 
by the system 14 for the information. The system for an embodiment of the present 
invention includes, for example, application software that then creates a temporary 

1 5 credit card number and expiry date. The expiry date is the one other piece of 

information that is known to be submitted in the typical credit card authorization. 
The system for an embodiment of the present invention makes a unique combination 
of a card number and expiry date and provides that to the customer 12 for use for the 
purchase, for example, via the vendor's website server 18. 

20 The system sofl^vare for an embodiment of the present invention then creates 

the necessary record for the particular transaction to be authorized. However, unlike 
a normal credit card where any valid transaction subject to balance verification can 
be authorized, an embodiment of the present invention creates a single-use payment 
instrument which exists only for the duration of, and specifically for, that single 

25 transaction. Therefore, any other authorization request which comes into the system 
with those details for a different amount are rejected. The customer 12 then proceeds 
back to (or to) the vendor's Internet website 18 and enters that information just as the 
customer 12 would enter a credit card number and its expiry date at whatever point 
that the vendor's system 18 asks for the customer's credit card information. 
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In an embodiment of the present invention, once the particular transaction 
item has been approved for the amount of w^hich the customer 12 advised the 
vendor's website server 18 and the bank's home banking server 14, it too is removed 
from any authority, so it would only work once. The result of that is that anyone else 
5 who may come into possession of that particular piece of information will not be 
successful if they attempt to use it to perform any other transaction whatsoever. 
Accordingly, if the vendor to whose website server 18 the customer's PC 10 is 
connected is actually acting criminally and is only gathering the information to try 
and use it elsewhere, while it will work for the transaction about which the customer 

10 12 gave information to the customer's bank's home banking server 14, it cannot be 
subsequently authorized. It essentially represents a non-existent bank card, and it is 
of no use to anyone else. 

The system and method for an embodiment of the present invention protects 
both the bank, as well as the customer 12, from anyone taking that information while 

15 it is in transit, encryption discussions notwithstanding, or while it is stored on the 
vendor's computer system 18 and using it for fraudulent purposes. The vendor 
benefits from being able to transact with a wider base of confident customers. And, 
if the vendor chooses to do so, the vendor's website server 18 can be configured to 
recognize the type of instrument being used by characteristic range of numbers and 

20 permit more preferential terms higher value transactions for such payments on the 

basis of their superior authenticity. The customer does not have to be concerned that 
the Internet connection is secure. All that the customer 12 has provided to the bank 
is the customer's identification to the bank's home banking system 14, but that 
information is of no use to anyone else who attempts to present it to a merchant. In 

25 other words, the only item of information being transferred across the network 22 is 
the temporary, short-lived, single-use payment instrument that is created. 

An additional aspect of an embodiment of the present invention is that the 
application of the bank's home banking server 14 that creates the token is able to 
access the database of the bank's credit card authorization server 16 used for credit 

30 card authorization on-line. That application creates the necessary records for the 
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single-use, temporary payment instrument, examines incoming authorization requests 
for that particular instrument from the vendor's credit card acquirer 20, verifies that 
the amount corresponds with the transaction of which the customer 12 advised the 
bank, and authorizes the appropriate transaction, while rejecting any others. In 
5 addition, the application also cleans up that database and removes records referring to 
that instrument once the transaction has been concluded or has expired, as it is not a 
real credit card, and is also subject to a predetermined expiry. In other words, the 
customer 12 is told that this payment authorization token can be used for a 
predetermined period of time, after which it will become useless in and of itself, and 

10 the customer 12 will have to come and get another one. 

In terms of financial settlement from that point on, in an embodiment of the 
present invention, the customer 12 is debited through whatever mechanism the 
customer 12 chooses. For example, the bank can take the money from a credit card 
or from a checking account or from some other account designated by the customer 

15 12. The vendor, assuming that the vendor is indeed valid, can present that 

transaction just as it would any other credit card transaction, and it is settled through 
the normal channels. Thus, there is no actual sign-up necessary for the customer 12. 
The customer 12 merely needs to identify himself or herself to the bank's home 
banking server 14, in order to authorize the issuance of the transaction token and to 

20 authorize the bank to debit the customer's account. 

In an embodiment of the present invention, the bank knows which account of 
the customer 12 to debit by the customer 12 providing that information when the 
customer 12 requests the token. Alternatively, the bank can default to the customer's 
main transactional account that is associated with the profile under which the 

25 customer 12 logged on to the home banking system 14. However, it is likely to be 
more convenient for the customer 12 to be able to choose from where to get the 
money. In that sense, the single-use payment instrument is not necessarily 
characterized as a debit card-like instrument or a credit card-like instrument. 

In an embodiment of the present invention, the way in which the home 

30 banking system 14 works is that one or more customer accounts, such as credit card 
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accounts, checking accounts, and savings accounts, are linked to the customer's 
profile. Thus, the customer 12 is able to nominate a particular source for the funds 
for a transaction or set a preference for the bank to default to a particular means to 
save the customer 12 from entering it each time. In addition, since this is an on-line 
5 system capable of doing so, the customer's nominated source of funds is checked, as 
is the case with someone presenting a debit card or credit card, and the funds are 
earmarked to be reserved for the same period of time as the expiry of the token. 

Referring again to Fig. 1, in an embodiment of the present invention, the 
customer 12 at the customer's PC 10 accesses the vendor's website server 18 and the 

10 bank's home banking server 14 over the Internet 22. In turn, the bank's home 
banking server 14 is coupled to the credit card authorization server 16, which is 
updated with the one-off occurrence for an embodiment of the present invention. 
The application for an embodiment of the present invention resides, for example, on 
the home banking server 14 and the credit card authorization server 16. Graphical 

15 user interface (GUI) screens are presented for the customer 12 on the customer's PC 
10 through the customer's browser. 

Fig. 2 is a schematic diagram which illustrates an example overview of key 
components and the flow of information between the key components for an alternate 
embodiment of the present invention. Referring to Fig. 2, the arrangement is similar 

20 to that illustrated in Fig. 1 except, for example, not using the Internet 22, the vendor's 
website server 18 itself connects to the vendor's credit card acquirer service provider 
20 which, in turn, queries the authorization system 16 back on the bank's side via 
private networks or leased lines. Thus, as far as the customer 12 is concerned, the 
customer 12 communicates strictly with the website server 18, and the website server 

25 1 8 uses whatever means it currently has to authorize the credit card transaction, 
which may or may not involve further communication over the Internet 22. 

Fig. 3 is a flow chart which illustrates an example of the process of the 
customer 12 performing an on-line transaction using the single-use payment 
instrument for an embodiment of the present invention. Referring to Fig. 3, at SI, the 

30 customer 12 at the customer's PC 10 accesses the vendor's website server 18 over the 
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Internet 22 and chooses to make a purchase from the vendor. At S2, the customer 12 
accesses the bank's home banking server 14 and provides transaction details in 
response to prompts. At S3, the bank's home banking server 14 creates the necessary 
payment instrument records based on the transaction details and provides the 
5 instrument details to the customer 12, 

Referring further to Fig. 3 for an embodiment of the present invention, at S4, 
the customer 12 provides the instrument details to the vendor's website server 18 to 
make the purchase from the vendor. At S5, the vendor's v^ebsite server 18 presents 
the instrument details to its credit card acquirer service 20 for authorization. At S6, 

10 the acquirer service 20 presents the details to the bank's credit card authorization 
server 16 for authorization. At S7, the bank's authorization server 16 verifies the 
amount, authorizes the transaction and removes the records. At S8, the vendor's 
acquirer service 20 confirms authorization to the vendor's website server 18 and 
initiates settlement. At S9, the vendor's website server 18 confirms the purchase to 

1 5 the customer 1 2 at the customer's PC 1 0. 

Referring again to Figs. 1 and 2, an important aspect of an embodiment of the 
present invention is some connection between the vendor's website server 18 and the 
vendor's card acquirer service 20. When a vendor starts accepting credit cards for 
payment for goods, the vendor has a relationship, for example, with the vendor's 

20 bank, which actually provides the service of getting authorization for card 

transactions and getting the settlement paid to the vendor's account. Therefore, the 
vendor has some type of mechanism to pass the card information that the customer 
12 sends to the vendor's website server 1 8 on to the vendor's acquirer service 20. In 
turn, the acquirer service 20 presents that information to the customer's bank's credit 

25 card authorization server 16. In an embodiment of the present invention, the 
customer's bank's credit card authorization server 16 is also modified per the 
invention to see a transaction according to the present invention arrive and to 
authorize the transaction as a perfectly valid credit card transaction. 

Various preferred embodiments of the invention have been described in 

30 fiilfillment of the various objects of the invention. It should be recognized that these 
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embodiments are merely illustrative of the principles of the present invention. 
Numerous modifications and adaptations thereof will be readily apparent to those 
skilled in the art w^ithout departing from the spirit and scope of the present invention. 
What is claimed is: 
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